Network R&D tool input


Well hello everyone... it has been a long, long time. Sorry for the absence, but work, family and life in general do get in the way sometimes. Anyway, to the point: for the last 3 years I have been going about my pentesting career, and lately I have been involved in the R&D on a new network auditing and monitoring suite of tools. They are not letting on much at all about what they are working on, but have said it's a network tool, and they have given me a feedback form, or should I say book of forms, and the bulk of it is them asking what arsenal of tools/features I would want to see if I could make my own product for my own network. Good question, to be honest, as this is something I've not really thought about. As I use Metasploit in pretty much all of my pen tests, I only really look at it from one side of the fence, and again use the same steps for all my pen tests, to be honest, apart from the odd tweak here and there if needed. But from a network manager's point of view, what would they want, and what tools would they want to encompass for network monitoring, pattern detection, network A.I., port and device scanning, traffic info, exploit testing, SQL scanning, auditing and reporting in real time, etc., credential security, etc., you name it?

 

So, being blunt, not for you guys to do my homework for me, but if it was your network and you had a tailor pick a suite of tools (open source), then what would they be and why?

 

Primz


  • 2 months later...

Network Monitor Port Monitoring: Cacti (free)
Device Monitoring: Nagios / Icinga / Check_MK 
SIEM: Splunk / SyslogD (for up to 500MB Data / Day free)
Traffic Analysis: Security Onion (Snort, Bro, Snorby..., free)
Pattern Detection - Endpoint: Trend Micro Client Server messaging suite
Pattern Detection - Gateway / Proxy: Bluecoat Proxy SG with CAS Services 
Pattern Detection - Gateway / Router: Kaspersky Engine / IDS Components from Juniper
Pattern Detection / AV / Log Inspection etc: Trend Micro Deep Security
Auditing: OpenVAS (free with community license)
 

All of those are / have been running on my networks. Sadly there is no "one size fits all" product with one single report builder, so it's a ton of information to look after.
